package dragon.oauth;

import dragon.oauth.jwt.JWTTokenEnhancer;
import dragon.security.MyUserDetailsService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.security.oauth2.provider.ClientDetailsService;
import org.springframework.security.oauth2.provider.token.TokenEnhancer;
import org.springframework.security.oauth2.provider.token.TokenEnhancerChain;
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;
import org.springframework.security.oauth2.provider.token.store.redis.RedisTokenStore;

import java.util.ArrayList;

@Configuration
public class AuthorizationConfigurer extends AuthorizationServerConfigurerAdapter {

    @Autowired
    ClientDetailsService myClientDetailsService;

    @Autowired
    MyUserDetailsService myUserDetailsService;

    @Autowired(required = false)
    JwtTokenStore jwtTokenStore;

    @Autowired(required = false)
    JwtAccessTokenConverter jwtAccessTokenConverter;

    @Autowired
    TokenEnhancer jwtTokenEnhancer;

//    @Autowired(required = false)
//    RedisTokenStore redisTokenStore;

    /**
     * 注入authenticationManager
     * 来支持 password grant type
     */
    @Autowired
    private AuthenticationManager authenticationManager;

    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
        endpoints.authenticationManager(authenticationManager)
                //设置token存储在redis中
//                .tokenStore(redisTokenStore)
                .userDetailsService(myUserDetailsService);
        if(jwtTokenStore != null){
            //设置jwt token存储
            endpoints.tokenStore(jwtTokenStore);
        }
        if(jwtAccessTokenConverter != null && jwtTokenEnhancer != null){
            ArrayList<TokenEnhancer> enhancerList = new ArrayList<TokenEnhancer>();
            enhancerList.add(jwtTokenEnhancer);
            enhancerList.add(jwtAccessTokenConverter);
            TokenEnhancerChain tokenEnhancerChain = new TokenEnhancerChain();
            tokenEnhancerChain.setTokenEnhancers(enhancerList);
            endpoints.tokenEnhancer(tokenEnhancerChain);
        }else if(jwtAccessTokenConverter != null){
            //设置jwt token生成器
            endpoints.accessTokenConverter(jwtAccessTokenConverter);
        }
    }


    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        clients.withClientDetails(myClientDetailsService);
        System.out.println("使用自定的clientDetailsService");
    }

//    @Override
//    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
//        //设定使用inMemory clientDetailsService
//        clients.inMemory()
//                //设置client id
//                .withClient("cli1")
//                //设置此client id所允许使用的认证模式（4种模式）
//                .authorizedGrantTypes("client_credentials", "password", "authorization_code")
//                //设置其权限
//                .authorities("ROLE_TRUSTED_CLIENT")
//                //设置其scope，类似于权限
//                .scopes("server", "write")
//                //设置其资源id，类似与权限
//                .resourceIds("t")
//                //设置token的有效期（秒为单位）
//                .accessTokenValiditySeconds(1000)
//                //设置client secret，这里要用加密器加密密码
//                .secret(passwordEncoder.encode("123456"))
//                //设置authorization_code模式下，重定向的地址
//                .redirectUris("http://www.163.com", "http://www.baidu.com");
//    }
}
